Because of security reasons, these files should not be owned by www-data. They are readable by www-data (and therefore the apache server process) because they are readable by 'others'. However, they are not writable by anyone but root in order to prevent somebody through the apache server maliciously create a backdoor to brake into your system.
Therefore, I would like to close this bug report. Is this acceptable to you ?
Thanks for your bug report.
Because of security reasons, these files should not be owned by www-data. They are readable by www-data (and therefore the apache server process) because they are readable by 'others'. However, they are not writable by anyone but root in order to prevent somebody through the apache server maliciously create a backdoor to brake into your system.
Therefore, I would like to close this bug report. Is this acceptable to you ?
Thanks